1 package org.apache.turbine.modules.actions;
2
3 /* ====================================================================
4 * The Apache Software License, Version 1.1
5 *
6 * Copyright (c) 2001 The Apache Software Foundation. All rights
7 * reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. The end-user documentation included with the redistribution,
22 * if any, must include the following acknowledgment:
23 * "This product includes software developed by the
24 * Apache Software Foundation (http://www.apache.org/)."
25 * Alternately, this acknowledgment may appear in the software itself,
26 * if and wherever such third-party acknowledgments normally appear.
27 *
28 * 4. The names "Apache" and "Apache Software Foundation" and
29 * "Apache Turbine" must not be used to endorse or promote products
30 * derived from this software without prior written permission. For
31 * written permission, please contact apache@apache.org.
32 *
33 * 5. Products derived from this software may not be called "Apache",
34 * "Apache Turbine", nor may "Apache" appear in their name, without
35 * prior written permission of the Apache Software Foundation.
36 *
37 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
38 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
39 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
40 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
41 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
43 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
44 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
45 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
46 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
47 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
48 * SUCH DAMAGE.
49 * ====================================================================
50 *
51 * This software consists of voluntary contributions made by many
52 * individuals on behalf of the Apache Software Foundation. For more
53 * information on the Apache Software Foundation, please see
54 * <http://www.apache.org/>.
55 */
56
57 // Turbine Utility Classes
58 import org.apache.turbine.modules.Action;
59 import org.apache.turbine.services.security.TurbineSecurity;
60 import org.apache.turbine.util.RunData;
61 import org.apache.turbine.util.security.AccessControlList;
62
63
64 /***
65 * This action doPerforms an Access Control List and places it into
66 * the RunData object, so it is easily available to modules. The ACL
67 * is also placed into the session. Modules can null out the ACL to
68 * force it to be rebuilt based on more information.
69 *
70 * <p>
71 *
72 * Turbine uses a User-Role-Permission arrangement for access control.
73 * Users are assigned Roles. Roles are assigned Permissions. Turbine
74 * modules then check the Permission required for an action or
75 * information with the set of Permissions currently associated with
76 * the session (which are dependent on the user associated with the
77 * session.)
78 *
79 * <p>
80 *
81 * The criteria for assigning Roles/Permissions is application
82 * dependent, in some cases an application may change a User's Roles
83 * during the session. To achieve flexibility, the ACL takes an
84 * Object parameter, which the application can use to doPerform the
85 * ACL.
86 *
87 * <p>
88 *
89 * This action is special in that it should only be executed by the
90 * Turbine servlet.
91 *
92 * @author <a href="mailto:john.mcnally@clearink.com">John D. McNally</a>
93 * @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
94 * @version $Id: AccessController.java,v 1.1.1.1 2001/08/16 05:08:31 jvanzyl Exp $
95 */
96 public class AccessController extends Action
97 {
98 /***
99 * If there is a user and the user is logged in, doPerform will
100 * set the RunData ACL. The list is first sought from the current
101 * session, otherwise it is loaded through
102 * <code>TurbineSecurity.getACL()</code> and added to the current
103 * session.
104 *
105 * @see org.apache.turbine.services.security.TurbineSecurity
106 * @param data Turbine information.
107 * @exception Exception, a generic exception.
108 */
109 public void doPerform( RunData data )
110 throws Exception
111 {
112 if ( data.getUser() != null && data.getUser().hasLoggedIn() )
113 {
114 AccessControlList acl = (AccessControlList)
115 data.getSession().getValue(AccessControlList.SESSION_KEY);
116 if ( acl == null )
117 {
118 acl = TurbineSecurity.getACL( data.getUser() );
119 data.getSession().putValue( AccessControlList.SESSION_KEY,
120 (Object)acl );
121 }
122 data.setACL(acl);
123 }
124 }
125 }
This page was automatically generated by Maven